CVE-2018-10925
Description
It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed to properly check authorization on certain statements involved with INSERT ... ON CONFLICT DO UPDATE. An attacker with CREATE TABLE privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain INSERT and limited UPDATE privileges to a particular table, they could exploit this to update other columns in the same table.
Risk Information
Base Score
8.1
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS Score
Exploitation Probability
0.383
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Update PostgressSQL to 9.5.14 | Windows |
| Vulnerabilities CVE-2018-10925,CVE-2018-10915 are fixed in PostgreSQL 10.5 | Windows |
| Vulnerabilities CVE-2018-10925,CVE-2018-10915 are fixed in PostgreSQL 9.6.10 | Windows |
| Vulnerabilities CVE-2018-10925,CVE-2018-10915 are fixed in PostgreSQL 9.5.14 | Windows |
| object-relational SQL database (USN-3744-1) postgresql-10_10.5-0ubuntu0.18.04_i386.deb | Linux |
| object-relational SQL database (USN-3744-1) postgresql-10_10.5-0ubuntu0.18.04_amd64.deb | Linux |
| object-relational SQL database (USN-3744-1) postgresql-9.3_9.3.24-0ubuntu0.14.04_i386.deb | Linux |
| object-relational SQL database (USN-3744-1) postgresql-9.3_9.3.24-0ubuntu0.14.04_amd64.deb | Linux |
| object-relational SQL database (USN-3744-1) postgresql-9.5_9.5.14-0ubuntu0.16.04_i386.deb | Linux |
| object-relational SQL database (USN-3744-1) postgresql-9.5_9.5.14-0ubuntu0.16.04_amd64.deb | Linux |
| postgresql-9.6 security update(DSA-4269-1) postgresql-9.6_9.6.10-0+deb9u1_amd64.deb | Linux |
| SUSE-SU-2018:3377-1(SUSE Linux Enterprise Desktop 12-SP3 ) postgresql96-9.6.10-3.22.7.x86_64.rpm | Linux |
| SUSE-SU-2018:3377-1(SUSE Linux Enterprise Desktop 12-SP3 ) postgresql96-debuginfo-9.6.10-3.22.7.x86_64.rpm | Linux |
| SUSE-SU-2018:3377-1(SUSE Linux Enterprise Desktop 12-SP3 ) postgresql96-debugsource-9.6.10-3.22.7.x86_64.rpm | Linux |
| SUSE-SU-2018:3377-1(SUSE Linux Enterprise Desktop 12-SP3 ) postgresql96-libs-debugsource-9.6.10-3.22.1.x86_64.rpm | Linux |
| SUSE-SU-2018:3377-1(SUSE Linux Enterprise Server 12-SP3 ) postgresql96-contrib-9.6.10-3.22.7.x86_64.rpm | Linux |
| SUSE-SU-2018:3377-1(SUSE Linux Enterprise Server 12-SP3 ) postgresql96-contrib-debuginfo-9.6.10-3.22.7.x86_64.rpm | Linux |
| SUSE-SU-2018:3377-1(SUSE Linux Enterprise Server 12-SP3 ) postgresql96-docs-9.6.10-3.22.7.noarch.rpm | Linux |
| SUSE-SU-2018:3377-1(SUSE Linux Enterprise Server 12-SP3 ) postgresql96-server-9.6.10-3.22.7.x86_64.rpm | Linux |
| SUSE-SU-2018:3377-1(SUSE Linux Enterprise Server 12-SP3 ) postgresql96-server-debuginfo-9.6.10-3.22.7.x86_64.rpm | Linux |
| Update PostgressSQL to 9.5.14 (For Linux) | Linux |
| Vulnerabilities CVE-2018-10925,CVE-2018-10915 are fixed in PostgreSQL 10.5 (For Linux) | Linux |
| Vulnerabilities CVE-2018-10925,CVE-2018-10915 are fixed in PostgreSQL 9.6.10 (For Linux) | Linux |
| Vulnerabilities CVE-2018-10925,CVE-2018-10915 are fixed in PostgreSQL 9.5.14 (For Linux) | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234